They never learn: Symantec support page search form XSS bug

Vulnerable page: https://support.symantec.com/

PoC
https://support.symantec.com/en_US/search.html?keyword="><img src=http://www.te-home.net/gallery/xssd_by_teamelite.png>

You can either include any XSS code in search input box, or request any XSS code directly using GET method and keyword parameter.



Note: This is a proof of concept and it doesn't reflect the views or interests of above websites.
Написано RoLex в 2017-05-22 01:1610 likes

Комментарии

There are no comments for this news article, you can write one here.